# CVE-2019-14224: Authenticated Remote Code Execution in Alfresco Community
By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution. The attacker must use Alfresco to:
- Upload malicious Solr configuration files to a known/discoverable location
- Create a Solr Core which will trigger a JMX connection from the victim back to the attacker
- Host a malicious RMI server that will send a malicious Java object that results in deserialization and code execution.
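
A defender-side check for the first two steps, added here as an example (it is not code from this repository or from Alfresco): it flags Solr configuration text whose `<jmx>` element carries a `serviceUrl` naming a non-local host. That this Solr element is the JMX trigger is an assumption, since the page does not name it; `remote_jmx_urls`, `scan_paths` and the sample configs are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Hosts treated as local. "" covers "rmi:///..." where no host is given.
LOCAL = {"", "localhost", "127.0.0.1", "::1"}
HOST_RE = re.compile(r"://(\[[^\]]*\]|[^/:]*)")  # host part after each "://"
UNPARSABLE = "<unparsable XML: review by hand>"

def remote_jmx_urls(config_text, allowed=frozenset()):
    """Return serviceUrl values of <jmx> elements that name a non-local host.

    Assumption: an outbound JMX/RMI connection is configured through
    <jmx serviceUrl="service:jmx:rmi:..."/> in the core's Solr config.
    The input is untrusted; ElementTree does not fetch external entities.
    """
    try:
        root = ET.fromstring(config_text)
    except ET.ParseError:
        return [UNPARSABLE]
    hits = []
    for el in root.iter("jmx"):
        url = el.get("serviceUrl", "")
        hosts = {h.strip("[]").lower() for h in HOST_RE.findall(url)}
        if hosts - LOCAL - set(allowed):
            hits.append(url)
    return hits

def scan_paths(paths, allowed=frozenset()):
    """Map each given file path to its findings; clean files are omitted."""
    report = {}
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            hits = remote_jmx_urls(fh.read(), allowed)
        if hits:
            report[path] = hits
    return report

# Constructed samples (not taken from the advisory or its PDF).
BENIGN = "<config><jmx/></config>"
LOCAL_URL = ('<config><jmx serviceUrl='
             '"service:jmx:rmi:///jndi/rmi://localhost:9999/solr"/></config>')
REMOTE_URL = ('<config><jmx serviceUrl='
              '"service:jmx:rmi:///jndi/rmi://198.51.100.7:1099/x"/></config>')

if __name__ == "__main__":
    for label, text in (("benign", BENIGN), ("local", LOCAL_URL), ("remote", REMOTE_URL)):
        print(label, remote_jmx_urls(text))
```

Pass `allowed` the monitoring hosts your Solr cores legitimately report to; any other finding on a core you did not create is worth correlating with outbound RMI connections from the Solr host.
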
### NVD Disclosure:
The disclosure for this vulnerability can be found [here](https://nvd.nist.gov/vuln/detail/CVE-2019-14224).
### Requirements:
This vulnerability requires:

- Access and valid user credentials for the Alfresco Admin Console
- Access to the Alfresco WebDAV or Alfresco Share
- Access to the Alfresco Solr interface
### Proof Of Concept:
More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2019-14224/blob/main/Alfresco%20-%20CVE-2019-14224.pdf).
### Additional Information:
Unauthenticated access to the Alfresco Solr interface may be obtained via [CVE-2019-14222: Default Certificate in Alfresco Community](https://github.com/mbadanoiu/CVE-2019-14222).